Описание
Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modification, deletion, or exfiltration.
Ссылки
- Product
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gestioip:gestioip:3.5.7:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00137
Низкий
8.8 High
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.8
debian
около 1 года назад
Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Req ...
CVSS3: 8.8
github
около 1 года назад
Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modification, deletion, or exfiltration.
EPSS
Процентиль: 34%
0.00137
Низкий
8.8 High
CVSS3
Дефекты
CWE-352